﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;

namespace SnippetBox.Core.Infrastructure.Security {
    public class SettingsAuthorizeAttribute : AuthorizeAttribute {
        protected override bool AuthorizeCore(HttpContextBase httpContext) {
            if ((!FormsAuthentication.LoginUrl.Equals(httpContext.Request.Url.AbsolutePath, StringComparison.OrdinalIgnoreCase) &&
                    !httpContext.Request.Url.AbsolutePath.ToLower().StartsWith("/user/register")) &&
                    !httpContext.Request.Url.AbsolutePath.ToLower().StartsWith("/user/usernamefree")
                    && Settings.Current.Permissions.RequireLogin)
                return base.AuthorizeCore(httpContext);
            return true;
        }
    }
}
